This commit is contained in:
Dennis Schmidt 2026-02-16 10:27:42 +00:00 committed by GitHub
commit 087e2f084f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 85 additions and 0 deletions

View file

@ -106,6 +106,7 @@ ver. 1.1.1-dev-1 (20??/??/??) - development nightly edition
* `action.d/nftables.conf` (gh-3291):
- new parameter `addr_options` for addr-set (default `flags interval\;`, allows to store CIDR or address ranges);
can be set to empty value to create simple addresses set (restore previous behavior).
* `action.d/ntfy.conf` - new action for sending push notifications with ntfy.sh
* `action.d/firewallcmd-rich-*.conf` - fixed incorrect quoting, disabling port variable expansion
by substitution of rich rule (gh-3815)
* `filter.d/dovecot.conf`:

84
config/action.d/ntfy.conf Normal file
View file

@ -0,0 +1,84 @@
# Fail2Ban configuration file
#
# Action to send push notifications with ntfy via ntfy.sh or your own ntfy server
#
# Author: Dennis Schmidt
#
# Example (ban & notify):
#
# action = %(action_)s
# ntfy[ntfyurl="%(ntfyurl)s", ntfytopic="%(ntfytopic)s", ntfytoken="%(ntfytoken)s", ntfypriority="%(ntfypriority)s"]
#
[Definition]
# bypass ban/unban for restored tickets
norestored = 1
# Option: actionstart
# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false).
# Values: CMD
#
actionstart = curl -f -s \
-H 'Authorization: Bearer <ntfytoken>' \
-H 'Tags: information_source' \
-H 'Title: Fail2Ban - <fq-hostname>' \
-d 'The jail <name> has been started successfully.' \
<ntfyurl>/<ntfytopic>
# Option: actionstop
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
# Values: CMD
#
actionstop = curl -f -s \
-H 'Authorization: Bearer <ntfytoken>' \
-H 'Tags: information_source' \
-H 'Title: Fail2Ban - <fq-hostname>' \
-d 'The jail <name> has been stopped.' \
<ntfyurl>/<ntfytopic>
# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck =
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Values: CMD
#
actionban = curl -f -s \
-H 'Authorization: Bearer <ntfytoken>' \
-H "Priority: <ntfypriority>" \
-H 'Tags: no_entry_sign' \
-H 'Title: Fail2Ban - <fq-hostname>' \
-d 'The IP <ip> has just been banned after <failures> attempts against <name>.' \
<ntfyurl>/<ntfytopic>
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Values: CMD
#
actionunban =
[Init]
# ntfy server url
#
ntfyurl = https://ntfy.sh
# ntfy topic
#
ntfytopic = alerts
# ntfy token
# Use access token or leave empty if authentication not required
#
ntfytoken =
# ntfy ban notification priority
# Options: max, high, default, low, min
#
ntfypriority = default